Vulnerability Details : CVE-2023-3323
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted
programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.
This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.
Products affected by CVE-2023-3323
- cpe:2.3:a:abb:zenon:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-3323
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-3323
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.9
|
MEDIUM | CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H |
0.4
|
5.5
|
Asea Brown Boveri Ltd. (ABB) | |
5.4
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
2.8
|
2.5
|
NIST |
CWE ids for CVE-2023-3323
-
During installation, installed file permissions are set to allow anyone to modify those files.Assigned by: cybersecurity@ch.abb.com (Primary)
References for CVE-2023-3323
-
https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590
Mitigation;Technical Description;Vendor Advisory
Jump to